Recent trends in applying TPM to cloud computing

Trusted platform modules (TPM) have become important safe‐guards against variety of software‐based attacks. By providing a limited set of cryptographic services through a well‐defined interface, separated from the software itself, TPM can serve as a root of trust and as a building block for higher‐level security measures. This article surveys the literature for applications of TPM in the cloud‐computing environment, with publication dates comprised between 2013 and 2018. It identifies the current trends and objectives of this technology in the cloud, and the type of threats that it mitigates. Toward the end, the main research gaps are pinpointed and discussed. Since integrity measurement is one of the main usages of TPM, special attention is paid to the assessment of run time phases and software layers it is applied to.</p

On the Control Plane of a Self-Service Cloud Platform

Self-service Cloud Computing (SSC) [5] is a recentlyproposed model that empowers clients of public cloud platforms in two ways. First, it improves the security and privacy of client data by preventing cloud operators from snooping on or modifying client VMs. Second, it provides clients the flexibility to deploy services, such as VM introspection-based tools, on their own VMs. SSC achieves these goals by modifying the hypervisor privilege model. This paper focuses on the unique challenges involved in building a control plane for an SSC-based cloud platform. The control plane is the layer that facilitates interaction between hosts in the cloud infrastructure as well as between the client and the cloud. We describe a number of novel features in SSC’s control plane, such as its ability to allow specification of VM dependencies, flexible deployment of network middleboxes, and new VM migration protocols. We report on our design and implementation of SSC’s control plane, and present experimental evaluation of services implemented atop the control plane.Technical report DCS-tr-70